Governance, Risk Management and Compliance (GRC)
Definition and implementation of strategies for Security Governance, Risk Management process and Policy Monitoring process.
Governance
Definition of strategies and policies for Security Governance.
Implementation of systems for monitoring business activities and compliance with company policies.
Definition and implementation of corrective actions to achieve compliance.
Risk Management
Definition and implementation of the Risk Management process and related activities to identify, classify and remove risks: Asset Classification, Risk Assessment (Risk Rating Reporting), Risk Reduction to acceptable levels (Remediation Workflow Implementation), Risk Retention at set levels, Security Solutions Planning and Monitoring (Security Plans and Re-entry Plans).
- Risk Assessment & Analysis
  - identification of the environment (technological skills) and the evaluation methodology
  - information screening and analysis (Risk Analysis: assets, threats, vulnerabilities, likelihood, etc.)
  - interpretation of risk analysis results (qualitative and quantitative)
- Risk Mitigation
  - selection and implementation of appropriate security controls and countermeasures to reduce the risk to acceptable levels according to policies, laws, quality performance and technical requirements
  - measurement of the effectiveness of controls and countermeasures, and of the deviation of the actual level of risk from the expected level
Compliance
Design, implementation and management of the policy monitoring process, procedures and necessary controls for compliance with legislation, international standards and business rules.

